Design of internal information leakage detection system considering the privacy violation

2010 International Conference on Information and Communication Technology Convergence (ICTC) Pub Date : 2010-12-23 DOI:10.1109/ICTC.2010.5674800

Jinhyung Kim, Hyung-Jong Kim

{"title":"Design of internal information leakage detection system considering the privacy violation","authors":"Jinhyung Kim, Hyung-Jong Kim","doi":"10.1109/ICTC.2010.5674800","DOIUrl":null,"url":null,"abstract":"Nowadays, companies are monitoring their employee's behavior using the DLP (Data Loss Prevention) solution to protect their information assets from internal attackers. During the monitoring the behaviors of employees, it is inevitable disclosing the private information to recognize the violation of internal regulation about handling of companies critical information. Actually there is trade-off relationship between privacy protection and data loss protection in company's information management. The trade-off relationship implies that there may be privacy violation if we are trying to prevent the internal information leakage strictly. In this paper, we are suggesting a data loss prevention method considering the privacy violation level. Especially, we are considering a method of quantifying the degree of privacy violation based on the data units which are exposed when the employee's data handling is monitored. At the same time, we are suggesting a method of quantifying the degree of importance of data units which are monitored.","PeriodicalId":149198,"journal":{"name":"2010 International Conference on Information and Communication Technology Convergence (ICTC)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 International Conference on Information and Communication Technology Convergence (ICTC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICTC.2010.5674800","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

Abstract

Nowadays, companies are monitoring their employee's behavior using the DLP (Data Loss Prevention) solution to protect their information assets from internal attackers. During the monitoring the behaviors of employees, it is inevitable disclosing the private information to recognize the violation of internal regulation about handling of companies critical information. Actually there is trade-off relationship between privacy protection and data loss protection in company's information management. The trade-off relationship implies that there may be privacy violation if we are trying to prevent the internal information leakage strictly. In this paper, we are suggesting a data loss prevention method considering the privacy violation level. Especially, we are considering a method of quantifying the degree of privacy violation based on the data units which are exposed when the employee's data handling is monitored. At the same time, we are suggesting a method of quantifying the degree of importance of data units which are monitored.

查看原文本刊更多论文

考虑隐私侵犯的内部信息泄露检测系统设计

如今，公司正在使用DLP(数据丢失预防)解决方案来监控员工的行为，以保护他们的信息资产免受内部攻击者的攻击。在对员工行为进行监控的过程中，为了识别违反公司关键信息处理内部规定的行为，披露私人信息是不可避免的。在企业信息管理中，隐私保护与数据丢失保护实际上是一种权衡关系。这种权衡关系意味着，如果我们试图严格防止内部信息泄露，可能会出现侵犯隐私的情况。在本文中，我们提出了一种考虑隐私侵犯程度的数据丢失预防方法。特别是，我们正在考虑一种基于监控员工数据处理时暴露的数据单元来量化隐私侵犯程度的方法。同时，我们提出了一种量化所监测数据单元重要性的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2010 International Conference on Information and Communication Technology Convergence (ICTC)

自引率

0.00%

发文量